Allow Land attack

Unanswered Question
Oct 17th, 2006
User Badges:

Hi,


I have a Cisco ASA 5510 and couple of webservers behind it. For some specific applications, those webservers call the website hosted on the same box.


The appliance sees that as a Land Attack and gives the following error:


Deny IP due to Land Attack from a.b.c.d to a.b.c.d


Is there any way I can disable this? I tried disabling Anti-spoofing in ASDM but no luck.


Your inputs greatly appreciated.

Thx in advance.


-Janakan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
irisrios Fri, 10/20/2006 - 13:49
User Badges:
  • Silver, 250 points or more

This message appears when the firewall receives a packet with the IP source address equal to the IP destination, and the

destination port equal to the source port.It is due to spoofing.Use Access-lists to prevent from and to the same address.

rjanakan Sat, 10/21/2006 - 03:19
User Badges:

Hi,


Thanks for the reply. Well, yea I'm receiving Land Attack because the application I run on my webserver calls it's own URL.(There is a work around by changing the URL with localhost or giving private IP). However, it would take sometime to make the code change. So, for timebeing I'd like to disable land attack and would liek to allow the traffic from a packet whose source/destination IP and port numbers are same.


-Janakan

Actions

This Discussion